diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/util/AbstractCasFilter.java b/cas-client-core/src/main/java/org/jasig/cas/client/util/AbstractCasFilter.java index 558cefb..70a5a43 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/util/AbstractCasFilter.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/util/AbstractCasFilter.java @@ -18,8 +18,6 @@ */ package org.jasig.cas.client.util; -import java.util.Collections; -import java.util.List; import java.util.regex.Pattern; import javax.servlet.FilterConfig; @@ -38,11 +36,20 @@ import javax.servlet.http.HttpServletResponse; *

Please note that one of the two above parameters must be set.

* * @author Scott Battaglia - * @version $Revision$ $Date$ + * @author Misagh Moayyed * @since 3.1 */ public abstract class AbstractCasFilter extends AbstractConfigurationFilter { + /** + * Enumeration that defines pattern types. + * @since 3.3.1 + */ + public enum IgnorePatternTypes { + NONE, + REGEX; + } + /** Represents the constant for where the assertion will be located in memory. */ public static final String CONST_CAS_ASSERTION = "_const_cas_assertion_"; @@ -52,8 +59,15 @@ public abstract class AbstractCasFilter extends AbstractConfigurationFilter { /** Defines the parameter to look for for the service. */ private String serviceParameterName = "service"; - /** Url pattern for this filter to exclude and ignore. **/ - private Pattern ignorePattern = null; + /** Url pattern for this filter to exclude and ignore. + * @since 3.3.1 + **/ + private String ignorePattern = null; + + /** Denotes the pattern type. + * @since 3.3.1 + */ + private IgnorePatternTypes ignorePatternType = null; /** Sets where response.encodeUrl should be called on service urls when constructed. */ private boolean encodeServiceUrl = true; @@ -81,15 +95,20 @@ public abstract class AbstractCasFilter extends AbstractConfigurationFilter { final String ignorePattern = getPropertyFromInitParams(filterConfig, "ignorePattern", null); if (ignorePattern != null) { - setIgnorePattern(Pattern.compile(ignorePattern)); - logger.trace("Loading ignorePattern property: {}", this.ignorePattern.pattern()); + setIgnorePattern(ignorePattern); + logger.trace("Loading ignorePattern property: {}", ignorePattern); } + setIgnorePatternType(Enum.valueOf(IgnorePatternTypes.class, getPropertyFromInitParams(filterConfig, "ignorePatternType", + IgnorePatternTypes.REGEX.name()))); + logger.trace("Loading ignorePatternType property: {}", ignorePatternType); + initInternal(filterConfig); } init(); } + /** Controls the ordering of filter initialization and checking by defining a method that runs before the init. * @param filterConfig the original filter configuration. * @throws ServletException if there is a problem. @@ -161,10 +180,14 @@ public abstract class AbstractCasFilter extends AbstractConfigurationFilter { return this.serviceParameterName; } - public final void setIgnorePattern(final Pattern patternToIgnore) { + public final void setIgnorePattern(final String patternToIgnore) { this.ignorePattern = patternToIgnore; } + public final void setIgnorePatternType(final IgnorePatternTypes patternType) { + this.ignorePatternType = patternType; + } + /** * Template method to allow you to change how you retrieve the ticket. * @@ -183,8 +206,18 @@ public abstract class AbstractCasFilter extends AbstractConfigurationFilter { urlBuffer.append("?").append(request.getQueryString()); } final String requestUri = urlBuffer.toString(); - logger.debug("Checking [{}] against pattern [{}]", requestUri, this.ignorePattern.pattern()); - result = this.ignorePattern.matcher(requestUri).find(); + logger.debug("Checking [{}] against pattern [{}]", requestUri, this.ignorePattern); + + + switch (this.ignorePatternType) { + case NONE: + result = requestUri.contains(this.ignorePattern); + break; + case REGEX: + result = Pattern.compile(this.ignorePattern).matcher(requestUri).find(); + break; + } + } return result; } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractTicketValidationFilter.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractTicketValidationFilter.java index 836b63a..ac5c7af 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractTicketValidationFilter.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractTicketValidationFilter.java @@ -192,13 +192,7 @@ public abstract class AbstractTicketValidationFilter extends AbstractCasFilter { final FilterChain filterChain) throws IOException, ServletException { final HttpServletRequest request = (HttpServletRequest) servletRequest; final HttpServletResponse response = (HttpServletResponse) servletResponse; - - if (isRequestUrlExcluded(request)) { - logger.debug("Request is ignored."); - filterChain.doFilter(request, response); - return; - } - + if (!preFilter(servletRequest, servletResponse, filterChain)) { return; } diff --git a/cas-client-core/src/test/java/org/jasig/cas/client/authentication/AuthenticationFilterTests.java b/cas-client-core/src/test/java/org/jasig/cas/client/authentication/AuthenticationFilterTests.java index 34d6686..b8c1bfe 100644 --- a/cas-client-core/src/test/java/org/jasig/cas/client/authentication/AuthenticationFilterTests.java +++ b/cas-client-core/src/test/java/org/jasig/cas/client/authentication/AuthenticationFilterTests.java @@ -243,4 +243,33 @@ public final class AuthenticationFilterTests { f.doFilter(request, response, filterChain); assertNull(response.getRedirectedUrl()); } + + @Test + public void testIgnorePatternsWithNoRegex() throws Exception { + final AuthenticationFilter f = new AuthenticationFilter(); + final MockServletContext context = new MockServletContext(); + context.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL); + + context.addInitParameter("ignorePattern", "=valueToIgnore"); + context.addInitParameter("ignorePatternType", "NONE"); + context.addInitParameter("service", CAS_SERVICE_URL); + f.init(new MockFilterConfig(context)); + + final MockHttpServletRequest request = new MockHttpServletRequest(); + final String URL = CAS_SERVICE_URL + "?param=valueToIgnore"; + request.setRequestURI(URL); + + final MockHttpSession session = new MockHttpSession(); + request.setSession(session); + + final MockHttpServletResponse response = new MockHttpServletResponse(); + + final FilterChain filterChain = new FilterChain() { + public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { + } + }; + + f.doFilter(request, response, filterChain); + assertNull(response.getRedirectedUrl()); + } } diff --git a/cas-client-core/src/test/java/org/jasig/cas/client/validation/Cas10TicketValidationFilterTests.java b/cas-client-core/src/test/java/org/jasig/cas/client/validation/Cas10TicketValidationFilterTests.java index 174b9f7..74e6d7a 100644 --- a/cas-client-core/src/test/java/org/jasig/cas/client/validation/Cas10TicketValidationFilterTests.java +++ b/cas-client-core/src/test/java/org/jasig/cas/client/validation/Cas10TicketValidationFilterTests.java @@ -65,39 +65,4 @@ public class Cas10TicketValidationFilterTests { assertTrue(validator instanceof Cas10TicketValidator); assertTrue(((Cas10TicketValidator) validator).isRenew()); } - - @Test - public void testIgnorePatterns() throws Exception { - final Cas10TicketValidationFilter f = new Cas10TicketValidationFilter(); - - final MockServletContext context = new MockServletContext(); - context.addInitParameter("casServerUrlPrefix", "https://cas.example.com"); - context.addInitParameter("serverName", "https://localhost:8443"); - - context.addInitParameter("ignorePattern", "=valueTo(\\w+)"); - f.init(new MockFilterConfig(context)); - - final MockHttpServletRequest request = new MockHttpServletRequest(); - final String URL = "https://localhost:8443/?param=valueToIgnore"; - request.setRequestURI(URL); - request.setQueryString("ticket=ST-1234"); - request.setParameter("ticket", "ST-1234"); - - final MockHttpSession session = new MockHttpSession(); - request.setSession(session); - - final MockHttpServletResponse response = new MockHttpServletResponse(); - - final FilterChain filterChain = new FilterChain() { - public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { - } - }; - - try { - f.doFilter(request, response, filterChain); - } catch (final Exception e) { - fail("The validation request should have been ignored"); - } - - } } diff --git a/cas-client-core/src/test/java/org/jasig/cas/client/validation/Saml11TicketValidationFilterTests.java b/cas-client-core/src/test/java/org/jasig/cas/client/validation/Saml11TicketValidationFilterTests.java index c0e267e..4ba6a36 100644 --- a/cas-client-core/src/test/java/org/jasig/cas/client/validation/Saml11TicketValidationFilterTests.java +++ b/cas-client-core/src/test/java/org/jasig/cas/client/validation/Saml11TicketValidationFilterTests.java @@ -66,38 +66,4 @@ public class Saml11TicketValidationFilterTests { assertTrue(((Saml11TicketValidator) validator).isRenew()); } - @Test - public void testIgnorePatterns() throws Exception { - final Saml11TicketValidationFilter f = new Saml11TicketValidationFilter(); - - final MockServletContext context = new MockServletContext(); - context.addInitParameter("casServerUrlPrefix", "https://cas.example.com"); - context.addInitParameter("serverName", "https://localhost:8443"); - - context.addInitParameter("ignorePattern", "=valueTo(\\w+)"); - f.init(new MockFilterConfig(context)); - - final MockHttpServletRequest request = new MockHttpServletRequest(); - final String URL = "https://localhost:8443/?param=valueToIgnore"; - request.setRequestURI(URL); - request.setQueryString("SAMLart=ST-1234"); - request.setParameter("SAMLart", "ST-1234"); - - final MockHttpSession session = new MockHttpSession(); - request.setSession(session); - - final MockHttpServletResponse response = new MockHttpServletResponse(); - - final FilterChain filterChain = new FilterChain() { - public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { - } - }; - - try { - f.doFilter(request, response, filterChain); - } catch (final Exception e) { - fail("The validation request should have been ignored"); - } - - } }